deep-review

SUSPICIOUS: the core review behavior is coherent, but the skill includes transitive skill installation instructions from an unpinned GitHub repo and relies on other skills not included here. No credential harvesting or exfiltration is evident, but the trust chain and agent-to-agent expansion make it medium risk.